Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more
News of cyberattacks is slowly becoming a new normal. We are still at a stage where high-profile cases, like the recent attack against the American credit reporting company Equifax, in which 145.5 million users had their personal information compromised, raise eyebrows. But we need those eyebrows to stay up because we should never accept cyber threats as the new normal. more
On Sept. 27, Internet Corporation for Assigned Names and Numbers (ICANN) announced that the first root zone Key Signing Key (KSK) rollover - originally scheduled to take place on Oct. 11 - will be postponed. Although this was certainly a difficult decision, we fully agree that erring on the side of caution is the best approach to take. In this blog post, I want to explain some of the involvement Verisign has had in KSK rollover preparations, as well as some of the recently available research opportunities which generated data that we shared with ICANN related to this decision. more
This is the fundamental question that the Internet Society is posing through the report just launched today, our 2017 Global Internet Report: Paths to Our Digital Future. The report is a window into the diverse views and perspectives of a global community that cares deeply about how the Internet will evolve and impact humanity over the next 5-7 years. We couldn't know what we would find when we embarked on the journey to map what stakeholders believe could shape the future of the Internet... more
In an open letter to the World Wide Web Consortium (W3C), the Electronic Frontier Foundation (EFF) announced on Tuesday that it is resigning from World Wide Web Consortium (W3C) in response to the organization publishing Encrypted Media Extensions (EME) as a standard. more
China has revealed plans to create a national data repository for information on cyberattacks and will require telecom firms, internet companies and domain name service providers to report threats to it. more
Security firm, Armis Labs, has revealed a new attack vector that can target major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.
more
Deputy chief of naval operations for information warfare, Vice Adm. Jan Tigh, says the military is investigating the possibility of compromised computer systems behind two U.S. Navy destroyer collisions with merchant vessels that occurred in recent months. more
Equifax has blamed a flaw in the software running its online databases for the massive breach revealed last week that has allowed hackers to steal personal information of as many as 143 million customers. more
In an announcement today, credit reporting giant Equifax revealed a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. more
I opened an email from GoDaddy over the weekend on my phone. Or so I initially thought. I had recently helped a client transfer a domain name to a GoDaddy account (to settle a domain name dispute), so the subject line of the email -- "Confirm this account" -- simply made me think that I needed to take another action to ensure everything was in working order. But quickly, my radar went off. more
The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more
A group of security researchers have succeeeded in cracking over 320 million passwords which were made public in an encrypted blacklist. more
There's lots of security advice in the press: keep your systems patched, use a password manager, don't click on links in email, etc. But there's one thing these adages omit: an attacker who is targeting you, rather than whoever falls for the phishing email, won't be stopped by one defensive measure. Rather, they'll go after the weakest part of your defenses. You have to protect everything -- including things you hadn't realized were relevant. more
Failing to block a stealthy malicious host from making connections to your network could cost your company millions of dollars, a damaged reputation, and severe losses in sensitive private data. Threat intel teams have faced on-going problems: Expensive feeds that are slow to catch new threats; Chasing false positives in alerts wastes time and money; and Vendors selling a new appliance for every ill. Would 100% of your users Spot the Bot? more
A World-Renowned Source for Internet Developments. Serving Since 2002.